Hi all,
I'm currently working on a Proxmox VE setup and need some help getting VLAN trunking to work properly. I'm aiming for a setup where Proxmox does not handle any VLANs—I want all VLAN configuration to be done inside my OPNsense VM.
Team, please note I did read few threads here also tried those fixes, but nothing is working for me.
|
[NIC1 - WAN]
|
[ Proxmox VE Host ]
|
[NIC2 - LAN (trunk port)]
|
[MikroTik Switch - Trunk Port]
|
[Other VLAN Devices]
|
VM (OPNsense)
- WAN (bridged to NIC1)
- LAN (VLAN 100 on NIC2 trunk)
How can I configure Proxmox to just pass VLAN-tagged traffic to the OPNsense VM without interpreting or altering it?
Any help or examples would be greatly appreciated!
Current config
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!
auto lo
iface lo inet loopback
iface enp2s0 inet manual
iface eno1 inet manual
iface enx0c37961577f3 inet manual
auto vmbr0
iface vmbr0 inet static
address 10.27.27.10/24
gateway 10.27.27.5
bridge-ports enp2s0
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
mtu 1500
#LAN
iface wlp0s20f3 inet manual
auto vmbr1
iface vmbr1 inet manual
bridge-ports eno1
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
#WAN
source /etc/network/interfaces.d/*
Thanks!
I'm currently working on a Proxmox VE setup and need some help getting VLAN trunking to work properly. I'm aiming for a setup where Proxmox does not handle any VLANs—I want all VLAN configuration to be done inside my OPNsense VM.
Team, please note I did read few threads here also tried those fixes, but nothing is working for me.
My Setup:
- Proxmox VE Host
- Hosting OPNsense VM as my firewall/router
- Physical Server NICs:
- NIC1 – Connected to WAN (goes directly to ISP)
- NIC2 – Connected to LAN (goes to managed switch)
- Managed Switch: MikroTik
- Port connected to NIC2 is configured as a trunk port (carrying VLANs)
What I'm Trying to Do:
- Let OPNsense handle all VLANs
- Trunk all VLANs from switch → Proxmox NIC2 → OPNsense VM
- No VLAN configuration on Proxmox host itself
What Works:
- I’ve assigned a management IP to the Proxmox host via NIC2 (no VLAN).
- OPNsense can get WAN and LAN IPs (LAN is untagged during testing).
- When testing with untagged LAN, connectivity works fine.
What Doesn’t Work:
- When I connect Proxmox LAN to the MikroTik trunk port (VLAN 100 for LAN):
- OPNsense LAN interface is assigned VLAN 100
- No DHCP / no connectivity from OPNsense LAN
- It seems VLAN tags are not reaching the VM or being stripped by Proxmox?
Simplified Diagram:
[ISP]|
[NIC1 - WAN]
|
[ Proxmox VE Host ]
|
[NIC2 - LAN (trunk port)]
|
[MikroTik Switch - Trunk Port]
|
[Other VLAN Devices]
|
VM (OPNsense)
- WAN (bridged to NIC1)
- LAN (VLAN 100 on NIC2 trunk)
My Goal:
- Have the OPNsense VM receive VLAN-tagged traffic directly via NIC2
- No VLAN interfaces or bridges on Proxmox host itself—just passthrough
What I’ve Tried:
- Bridging NIC2 directly to OPNsense LAN interface
- No VLAN-aware bridges on Proxmox
- OPNsense has VLAN 100 interface added on its side
Question:
How can I configure Proxmox to just pass VLAN-tagged traffic to the OPNsense VM without interpreting or altering it?
Any help or examples would be greatly appreciated!
Current config
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!
auto lo
iface lo inet loopback
iface enp2s0 inet manual
iface eno1 inet manual
iface enx0c37961577f3 inet manual
auto vmbr0
iface vmbr0 inet static
address 10.27.27.10/24
gateway 10.27.27.5
bridge-ports enp2s0
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
mtu 1500
#LAN
iface wlp0s20f3 inet manual
auto vmbr1
iface vmbr1 inet manual
bridge-ports eno1
bridge-stp off
bridge-fd 0
bridge-vlan-aware yes
bridge-vids 2-4094
#WAN
source /etc/network/interfaces.d/*
Thanks!
Last edited: